CLAIMS 



What is claimed is: 

1 . A method for a multi-protocol edge switch to process received data 
frames, the edge switch connected to at least two networks that each use distinct 
data link layer network protocols, the method comprising: 

receiving multiple data frames transmitted from source nodes on a 
first of the networks that uses a first data link layer network protocol, each data 
frame comprising a header and a payload specified in a manner specific to the 
first data link layer network protocol, each header including an indication of a 
destination network address corresponding to a node on a second of the networks 
and each payload including a message specified using an application layer 
network protocol; and 

for each of the multiple received data frames, 

deconstructing the data frame to identify the indicated 
destination network address and the payload for the data frame, the 
deconstructing performed in a manner based on the first data link layer network 
protocol; 

without deconstructing the data frame a second time, 
processing the deconstructed data frame by performing each of multiple 
processing techniques in parallel, the multiple processing techniques including, 

analyzing the identified payload in order to determine a 
type of the included message, the analyzing performed in a manner based on the 
application layer network protocol used to specify the included message; 

analyzing the identified payload to verify an absence of 

disallowed content; 

selecting one of multiple nodes of the second network to 
which the identified destination network address corresponds, the multiple nodes 
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each associated with the identified destination network address, the selecting 
performed so as to balance processing loads on the multiple nodes; and 

constructing a distinct data frame for transmission to the 
selected one node, the distinct data frame comprising a header and the identified 
payload and specified in a manner specific to the data link layer network protocol 
used by the second network; and 

transmitting the constructed distinct data frame to the selected 
one node on the second network, 

so that each of the received data frames can be processed in multiple ways in 
parallel based on a single deconstruction of the data frame before transmitting the 
payload of the data frame to a destination node. 

2. The method of claim 1 wherein the multiple processing techniques 
are each performed using distinct processing capabilities of the multi-protocol 
edge switch. 

3. The method of claim 2 wherein the distinct processing capabilities 
are distinct processors of the multi-protocol edge switch. 

4. The method of claim 1 including, before the transmitting of the 
constructed data frame, modifying the constructed data frame based on 
information generated during the analyzing of the identified payload to determine 
the type of the included message, the analyzing of the identified payload to verify 
the absence of disallowed content, and the selecting of the one node. 

5. The method of claim 1 wherein the transmitting of each of the 
constructed data frames is performed in a manner based on one or more of the 
analyzing of the identified payload to determine the type of the included message, 
the analyzing of the identified payload to verify the absence of disallowed content, 
and the selecting of the one node. 
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6. The method of claim 1 wherein the data link layer network protocol 
used by one of the networks is an Ethernet protocol. 

7. The method of claim 1 wherein the data link layer network protocol 
used by one of the networks is a Fibre Channel protocol. 

8. The method of claim 1 wherein the data link layer network protocol 
used by one of the networks is an InfiniBand protocol. 

9. The method of claim 1 wherein the deconstructing of each of the 
data frames is performed by a network processor of the multi-protocol edge 
switch. 

10. The method of claim 1 wherein the deconstructing of each of the 
data frames further identifies a type of the identified payload, and wherein one or 
more of the processing techniques are performed in a manner based at least in 
part on the identified type of the identified payload. 

1 1 . The method of claim 1 wherein the message included in at least 
some of the identified payloads is an HTTP message, and wherein the analyzing 
of each of those payloads to determine the type of the included message includes 
identifying a Uniform Resource Identifier specified in the message. 

12. The method of claim 1 wherein the analyzing of the identified 
payload of each of the received data frames includes extracting contents of the 
message included in that payload in a manner based on the application layer 
network protocol used to specify the message. 



13. The method of claim 1 wherein the transmitting of a constructed 
distinct data frame for a received data frame is not performed if the analyzing of 
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the identified payload of the received data frame to verify an absence of 
disallowed content fails to verify the absence. 

[ci4] 14. The method of claim 1 wherein the transmitting of a constructed 

distinct data frame for a received data frame is not performed if the selecting of 
the one of the multiple nodes is unable to sufficiently balance the processing 
loads on the multiple nodes. 



15. The method of claim 1 including, for each of the received data 
frames, adding to the header of the constructed data frame an indication of a 
second destination network address corresponding to the selected one node, the 
second destination network address distinct from the destination network address 
identified for that received data frame. 

16. The method of claim 1 including, for each of the received data 
frames, determining a transmittal virtual path identifier that is assigned to a path 
to the selected one node through the second network to which that node belongs, 
and wherein the transmitting of the constructed distinct data frame to the selected 
one node on the second network uses the determined transmittal virtual path 
identifier so that the data frame is routed through the second network along the 
path. 

17. The method of claim 16 wherein, for each of the received data 
frames, the determined transmittal virtual path identifier is added to the header of 
the distinct data frame in place of a destination network address for the selected 
one node. 

18. The method of claim 16 wherein the determining of the transmittal 
virtual path identifier that is assigned to the path to the selected one node for a 
received data frame includes registering with a network manager for the second 
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network to which the selected one node belongs and receiving in response the 

transmittal virtual path identifier. 

19. A computer-implemented method for processing received data 
communications, the method comprising: 

receiving data to be communicated through a network to a 
destination, the received data formatted in accordance with a first protocol; and 

processing at least portions of the received data that are identified as 
relevant by performing each of multiple techniques in parallel, the multiple 
techniques including, 

analyzing contents included in at least some of the identified 
portions in order to determine whether a specified type of content is present; and 

determining the destination for the received data in a manner 
so as to load balance multiple possible destinations. 

20. The method of claim 1 9 including communicating the received data 
to the determined destination. 

21. The method of claim 19 including determining a virtual identifier that 
corresponds to a path through the network to the determined destination and that 
will be used to route the received data through the network to the determined 
destination. 

22. The method of claim 19 wherein the portions of the received data to 
be processed are identified by deconstructing the received data. 

23. The method of claim 22 wherein the deconstructing of the received 
data is performed in a manner based on the first protocol. 
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[c24] 24. The method of claim 22 wherein the deconstructing of the received 

data is performed only a single time, 

[c25] 25. The method of claim 19 wherein the first protocol is a data link layer 

network protocol. 

[c26] 26. The method of claim 19 wherein the first protocol is a network layer 

network protocol. 

[c27] 27. The method of claim 19 wherein the first protocol is a transport layer 

network protocol. 

p! [c28] 28. The method of claim 19 wherein the first protocol is an application 

p layer network protocol. 

[c29] 29. The method of claim 1 9 wherein the first protocol is a bus protocol. 

S ■ ' 

[c30] 30. The method of claim 19 wherein the first protocol is Fibre Channel. 

f ^ 

M [c3i] 31 . The method of claim 1 9 wherein the first protocol is InfiniBand. 

[c32] 32. The method of claim 19 wherein the received data is a data frame or 

a data packet, and wherein the identified portions of the received data include a 
header portion of the received data. 

[c33] 33. The method of claim 1 9 wherein the received data is a data frame or 

a data packet, and wherein the identified portions of the received data include a 
payload portion of the received data. 
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34. The method of claim 19 wherein the identified portions of the 
received data include entries in a header portion of the received data. 



Li. 

.as?* 



[c35] 35. The method of claim 19 wherein the identified portions of the 

received data include portions of a payload of the received data. 

[c36] 36. The method of claim 19 wherein the analyzing of the contents 

included in the identified portions includes determining whether at least some of 
the identified portions include prohibited content. 

[c37] 37. The method of claim 36 including blocking transmittal of the received 

data when it is determined that one or more of the identified portions include 
prohibited content. 

[c38] 38. The method of claim 36 including, when it is determined that one or 

more of the identified portions include prohibited content, removing the prohibited 
content from the received data. 

[c39] 39. The method of claim 19 wherein the analyzing of the contents 

included in the identified portions includes determining whether at least some of 
the identified portions do not include required content. 

[c40] 40. The method of claim 19 including providing firewall functionality 

based on the analyzing of the contents included in the identified portions. 



[c41] 



41. The method of claim 19 wherein the multiple techniques performed 
in parallel further include formatting the received data in accordance with a 
distinct second protocol. 



[03004-8038 app.doc] ^2- 



42. The method of claim 19 wherein the multiple techniques performed 
in parallel further include analyzing at least some of the identified portions in 
order to classify a type of those portions of the received data. 

43. The method of claim 42 wherein the classifying of the type of the 
identified portions of the received data includes classifying those identified 
portions in a manner based on an application layer protocol used to format the 
data of those identified portions. 

44. The method of claim 1 9 wherein the method is performed by a multi- 
protocol edge switch connected to at least two networks that each use distinct 
protocols. 

45. The method of claim 19 wherein the multiple processing techniques 
are each performed using distinct processing capabilities of a computing system 
performing the method. 

46. The method of claim 45 wherein the distinct processing capabilities 
are distinct processors of the computing system. 

47. A computer-readable medium whose contents cause a computing 
device to process received data communications by performing a method 
comprising: 

receiving data to be communicated through a network to a 
destination; and 

processing at least portions of the received data that are identified as 
being of interest by performing each of multiple techniques in parallel, the multiple 
techniques including, 

determining whether a disallowed type of content is present in 
at least some of the identified portions of the received data; and 
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load balancing multiple possible destinations in order to 
determine the destination to which the received data will be transmitted. 

48. The computer-readable medium of claim 47 wherein the multiple 
techniques performed in parallel further include classifying a type of at least some 
of the identified portions of the received data. 

49. The computer-readable medium of claim 47 wherein the multiple 
techniques performed in parallel further include formatting the received data in 
accordance with a second protocol distinct from a first protocol in accordance with 
which the received data is formatted. 

50. The computer-readable medium of claim 47 wherein the method 
further comprises indicating to communicate the received data to the determined 
destination. 

51. The computer-readable medium of claim 47 wherein the portions of 
the received data to be processed are identified by deconstructing the received 
data a single time, each of the multiple techniques using the deconstructed 
received data. 

52. The computer-readable medium of claim 47 wherein the computer- 
readable medium is a memory of a computer system. 

53. The computer-readable medium of claim 47 wherein the computer- 
readable medium is a data transmission medium transmitting a generated data 
signal containing the contents. 
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64. The computer-readable medium of claim 47 wlierein the contents 
are instructions that when executed cause the computing device to perform the 
method. 

55. A computing device for processing received data communications, 
comprising: 

a first component capable of receiving data to be communicated 
through a network to a destination; and 

multiple processing components each capable of performing one of 
multiple techniques in parallel in order to process at least portions of the received 
data, the multiple techniques including, 

analyzing contents included in at least some of the identified 
portions in order to determine whether a specified type of content Is present; and 

determining the destination for the received data in a manner 
so as to load balance multiple possible destinations. 

56. The computing device of claim 55 wherein the computing device is a 
multi-protocol node on the network, and wherein the multiple techniques include 
formatting the received data in accordance with a second protocol distinct from a 
first protocol in accordance with which the received data is formatted. 

57. The computing device of claim 55 wherein the computing device is a 
multi-protocol edge switch. 

58. The computing device of claim 55 wherein the first component is 
executing in memory of the computing device. 

59. The computing device of claim 55 wherein the processing 
components each execute on a distinct processor of the computing device. 
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60. A computer system for processing received data communications, 
comprising: 

means for receiving data to be communicated through a network to a 
destination, the received data formatted in accordance with a first protocol; and 

means for processing at least portions of the received data that are 
identified as relevant by performing each of multiple techniques in parallel, the 
multiple techniques including, 

analyzing contents included in at least some of the identified 
portions in order to determine whether a specified type of content is present; and 

determining the destination for the received data in a manner 
so as to load balance multiple possible destinations. 

61. A computer-implemented method for processing received data 
communications, the method comprising: 

receiving data to be communicated through a network to a 
destination, the received data formatted in a first manner; 

deconstructing the received data in order to identify portions of the 
received data that each have contents; and 

processing the deconstructed data by performing at least three of 
multiple techniques in parallel, the multiple techniques including, 

classifying a type of at least some of the contents of the 

received data; 

analyzing at least some of the contents in order to determine 
whether a disallowed type of content is present; 

determining the destination for at least some of the contents in 
a manner so as to load balance multiple possible destinations; and 

formatting at least some of the contents in a distinct second 

manner. 
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[c62] 62. The method of claim 61 including communicating the formatted 

contents to the detemiined destination. 



tc63] 63. The method of claim 61 including determining which of the multiple 

techniques to perform based on the received data. 

[064] 64. The method of claim 61 including performing each of the multiple 

techniques. 

65. A computer-implemented method for processing received data 
communications, the method comprising: 

receiving data to be communicated through a network to a 
destination, the received data formatted in accordance with a first protocol; and 

processing at least portions of the received data that are identified as 
relevant by performing at least two of multiple techniques in parallel, the multiple 
techniques including, 

classifying a type of at least some of the identified portions; 
analyzing contents included in at least some of the identified 
portions in order to determine whether a specified type of content is present; and 

formatting at least some of the Identified portions in accordance 
with a distinct second protocol that is selected based on the destination. 

66. The method of claim 65 including determining which of the multiple 
techniques to perform based on the received data. 

Ic67] 67. The method of claim 65 including performing each of the multiple 

techniques. 



[c65] 
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68. A computer-implemented method for processing received data 
communications, the method comprising: 

receiving data to be communicated through a network to a 
destination, the received data formatted in accordance with a first protocol; and 

processing at least portions of the received data that are identified as 
relevant by performing at least two of multiple techniques in parallel, the multiple 
techniques including, 

classifying a type of at least some of the identified portions; 

determining the destination for at least some of the identified 
portions in a manner so as to load balance multiple possible destinations; and 

formatting at least some of the identified portions in accordance 
with a distinct second protocol that is selected based on the determined 
destination. 

69. The method of claim 68 including determining which of the multiple 
techniques to perform based on the received data. 

70. The method of claim 68 including performing each of the multiple 
techniques. 

71. A computer-implemented method for processing received data 
communications, the method comprising: 

receiving data to be communicated through a network to a 
destination; and 

processing at least portions of the received data that are identified as 
relevant by performing each of multiple techniques in parallel, the multiple 
techniques including, 

classifying a type of contents of at least some of the identified 
portions of the received data; 
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analyzing contents of at least some of the identified portions in 
order to determine whether a disallowed type of content is present; 

determining the destination for contents of at least some of the 
identified portions in a manner so as to load balance multiple possible 
destinations; and 

formatting contents of at least some of the identified portions in 
accordance with a second protocol corresponding to the destination. 
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